The sources of noise in a readback signal from a magnetic recording medium have been investigated and identified. As disclosed in U.S. Pat. No. 5,546,462, the disclosure of which is incorporated herein by reference, one of those sources includes the irregularities and defects in the microstructure of the magnetic medium itself. For many years, the noise generated from this source has been thought, as with the noise generated from other identified sources, to be random and subject only to statistical analysis for its determination. The inventors hereof have demonstrated that this noise component is instead deterministic, i.e., permanent and repeatable, depending entirely on the head-medium position and on the magnetic history of the medium. As confirmed by experiments conducted by the inventors hereof, when the medium has had no signal written on it and has been exposed only to dc fields, the observed readback signals are almost identical. The magnetic contribution to the readback signal under these conditions results from spatial variations in the medium's magnetization: magnetic domains, ripple, local fluctuations of the anisotropy field and saturation magnetization. These local properties, in turn, are affected by the morphology and magnetic properties of the individual grains which make up the domain and which do not change after deposition. Hence, the noise from a nominally uniformly magnetized region measured at a fixed position on a magnetic medium is reproducible. As shown by the inventors hereof, a magnetic medium may be dc saturated and then read to determine its remanent state or remanent noise. The inventors have confirmed that this remanent noise is a function of the magnetic microstructure by comparing the remanent noise after a positive dc saturation with the remanent noise after a negative dc saturation. It has been found that these waveforms are virtual "mirror images" of each other thereby demonstrating a close correlation. Similarly, other methodologies were used to confirm that the remanent noise was deterministic, repeatable, and related to the physical microstructure of the magnetic medium itself. Remanent noise arising from the permanent microstructure exhibits identifiable features characteristic of that permanent microstructure after practically any magnetic history. See Spatial Noise Phenomena of Longitudinal Magnetic Recording Media by Hoinville, Indeck and Muller, IEEE Transactions on Magnetics, Volume 28, No. 6, November 1992, the disclosure of which is incorporated herein by reference.
There is a long felt need in the art for a method and apparatus to reliably identify or fingerprint various kinds of objects including the wide variety of prerecorded magnetic media presently marketed and/or distributed in the United States and throughout the world. Examples of these magnetic media include those produced and sold in the entertainment industry including magnetic and magneto-optic discs and tapes, cassette tapes, reel to reel tapes, videotapes, etc. Still another major market in prerecorded magnetic media is the tremendous volume of computer programs routinely sold and/or distributed on floppy diskettes and digital tapes. Magnetic media are also used for other purposes for which it is important to be able to identify and authenticate originals including videotapes, cassette tapes, and other prerecordings on magnetic media including tapings of telephone conversations, video recordings of criminal activities, and other such investigative and documentary uses. Still another example of a need in the art for authentication and verification of prerecorded magnetic media lies in the magnetic data card field. Examples of magnetic data cards include the well-known credit card as well as ATM cards, debit cards, security or ID cards, mass transit cards, telephone cards, and even airline tickets or other vouchers which have magnetic stripes thereon for the magnetic recording of data. As well-known in the art, virtually every magnetic data card has a magnetic stripe of prerecorded magnetic data which is used to record the customer's account number or other such identifying data. Tremendous sums of money are lost annually through forgery and other fraudulent copying and use schemes which could be virtually eliminated if an apparatus and methodology could be implemented for reliably authenticating and verifying the identity of a magnetic data card prior to it being approved for its associated transaction.
Prerecorded magnetic media are but one of a variety of objects for which reliable identification or fingerprinting is needed. Tremendous sums of money are also lost annually to forgery or fraudulent copying and use of paper documents such as checks, bank drafts, money orders, and other negotiable or non-negotiable financial instruments including bonds, stock certificates, etc. If these various types of paper documents could be authenticated as they are processed through the financial markets, forgeries thereof could be detected before a particular transaction was cleared.
The explosive growth of the Internet and other computer networks and databases have also resulted in yet another area where reliable verification or authentication is needed. Typically, reusable passwords are assigned to authorized users and access to the network is conditioned upon whether the user can provide the assigned reusable password. This methodology, however, has at least two significant drawbacks. First, because the network provides access to any user who can provide the password for a corresponding account number, unscrupulous users can share a single account and password, often to the pecuniary detriment of the network. For example, one user might pay a flat monthly fee for accessing the Internet, and then share the assigned account number and password with others such that multiple users are accessing the Internet when only a single fee has been paid. This type of fraudulent access is often difficult if not impossible to detect except in egregious cases such as where twenty-five hours are logged to a single account in one day.
Another drawback to reusable passwords for both on-line and off-line computer networks and databases stems from the increasing incidence of on-line interception and electronic eavesdropping. For example, where a computer network or database contains proprietary or otherwise secret information, a user's account number and corresponding password can be intercepted as they are provided by the user to the network. The intercepted account number and password can then be subsequently used to access the network and thereby defeat the security provided by the reusable password. Similarly, where a user is charged based on how long or often the user accesses the network, interception and use of the reusable password by third parties can lead to charges to the user for unauthorized use by others. Thus, a method and apparatus is needed which can thwart both sharing and unauthorized use of legitimate network and database accounts.
Along this same line, computer hardware and software manufacturers need a means for reliably identifying purchasers who seek technical support from the manufacturer. Oftentimes, manufacturers condition access to technical support, which is usually provided by phone, on the customer's ability to provide information specific to the purchased hardware or software for which technical support is needed. For example, software manufacturers routinely query callers for the serial number placed on a floppy diskette and perhaps for the name of the registered purchaser before technical support is given. However, this information can be shared by the purchaser with others, and is oftentimes shared with everyone on the Internet. As a result, manufacturers often provide technical support to persons who pirated the software without any payment to the manufacturer for the pirated software or for the technical support rendered.
Still another need for reliable and remote identification stems from the increasing use of on-line computer networks for conducting business transactions. More and more information as well as products are being sold on-line, such as through the Internet, and many customers seek to pay for these transactions with credit cards. However, on-line use of credit cards requires the purchaser to transmit credit card information such as the account number to the seller, and there is a serious risk to the purchaser that the credit card information will be intercepted and fraudulently used by others. A related concern for the on-line seller is that the provided credit card information might be stolen, as the seller usually has no way to remotely verify that the purchaser physically possesses the credit card corresponding to the provided credit card information.
The inventors hereof are aware of some specific efforts directed at verifying or authenticating various objects. As related in an article entitled Novel Applications of Cryptography in Digital Communications by Omura, IEEE Communications Magazine, May 1990, a technique is disclosed for authenticating paper documents. As described therein, the basic idea is to measure some unique "fingerprint" of the paper and to sign (encrypt) it using the secret key of the manufacturer of, for example, a stock certificate. The fingerprint is obtained by moving a narrow intense light beam along a line on the paper and measuring the light intensity that passes through the paper. The light intensity function determined by the unique random pattern of paper fibers along the line forms the fingerprint of the particular piece of paper. This fingerprint is then digitized and encrypted by the secret encryption function. The encrypted fingerprint is then separately printed onto the paper in digital form such as a bar code. At a later date, the authenticity of the stock certificate may be verified by using a non-secret public decryption function to decrypt the encrypted data on the paper and reconstruct the intensity function, or fingerprint, that was recorded thereon. Next, the actual intensity function of the stock certificate is measured. If this newly measured intensity function agrees with the intensity function reconstructed from the encrypted data, the document may be declared authentic. This scheme takes advantage of a well-known secrecy system referred to as a public key cryptosystem. This system employs a trap door one-way function. A user chooses a secret key (the trap door) and after applying the trap door one-way function to the data, the procedure determines an algorithm used for decoding which is made publicly known. The trap door one-way function is also used to produce the encrypted message. Then every other user can understand the original message by applying the algorithm to the cryptogram. In this system no one else can produce a publicly readable message attributable to the originator's trap door as only the originator has knowledge of that algorithm. This prevents the simplistic forgery attempt of changing the prerecorded fingerprint to agree with a forged document's fingerprint.
Another example of an attempt in the prior art to fingerprint or counterfeit-proof objects is described in U.S. Pat. No. 4,806,740. As shown therein, an object, such as a stock certificate, has deposited thereon a stripe of magnetic medium having a variable density resulting from the non-uniformity of the paper, the process of depositing the magnetic medium on the document, and the dispersion of magnetic particles within the medium. The density variations are randomly created as the magnetic medium is applied, which affords a unique document as these density variations are fixed and repeatable to identify the document. A second magnetic stripe is also applied to the document, but this magnetic stripe is comprised of a medium that is tightly specified and highly controlled in accordance with well-known standards in the recording art to be part of a magnetic read/write system. In operation, the non-uniform magnetic stripe is erased and recorded on with a standard recording comprised of a linear dc signal or a linear ac signal or a linear bias signal. After recording, another head senses the magnetic characteristic of the recorded magnetic stripe which is translated into a digital, machine readable format, and then separately recorded on the second magnetic stripe in a simple write function. For authentication, the stock certificate is passed under another set of heads which first reads the digitally recorded machine readable representation of the sensed noise signal and then a second set of heads reads the variable density magnetic stripe by first erasing it, recording the same standard noise function, and then sensing the output of the recorded noise function as it is "distorted" by the variable density magnetic stripe. If it matches the recorded representation thereof, then the document is declared to be authentic and original. Thus, with the method of the '740 patent, a pair of magnetic stripes must be applied to the document and a specified signal (denominated as noise) must be recorded, measured, and then its output digitally recorded. Furthermore, one of the magnetic stripes must be applied in other than recording industry standard and in a random manner to ensure the randomness of the output thereof. These steps make the method of the '740 patent difficult and inconvenient to implement.
Another example of a prior art attempt to utilize a magnetic medium for authenticating credit cards, documents, and the like is found in Pease et al., U.S. Pat. No. 4,985,614. The '614 patent is actually quite similar in concept to the '740 patent discussed above in that it focuses on the macroscopic, hereinafter denoted "macro" variations in a magnetic medium, and their effect on an "enhancing" signal recorded thereon in one embodiment or standing alone in a second embodiment. With either embodiment, these "macro" variations are determined by reading a chosen length of approximately 2.6 inches of a magnetic stripe between three and nine times (five in the preferred embodiment) and then correlating the collected data points to "average out" the effects of head noise, electrical noise, and any other non-medium noise. This correlation results in a "representative profile" which represents the variances which would be induced by these macro effects to a signal if it were recorded on this 2.6 inch portion of magnetic stripe. If these variations are not significant enough to produce a reliable correlation, indicating a lack of significant macroscopic nonuniformities in the medium, the medium is discarded. This is an indication that the medium has been manufactured with too little variation from specification, or otherwise does not have enough macro level variation which might be present due to a manufacturer's watermark or the like, to induce reliably detectable and repeatable variations to a recorded signal. The '614 patent also suggests that macro level noise may be enhanced by locally altering the apparent magnetic characteristics of the stripe such as by placing magnetic symbols on the substrate underlying the magnetic region, or by embossing selected regions of the magnetic material so as to physically move some amount of the material. As the noise levels measured have significant effects on the peaks of a recorded enhancing signal, a simple peak detect and hold circuit is taught as sufficient to collect the data, and a simple "comparison" of the prerecorded "representative profile" with the presently sensed data points is taught as sufficient to determine if the medium is authentic. Therefore, not only does the '614 patent focus on the use of macro level noise, its device and methodology disclosed for implementing a macro level noise detector is believed to be incapable of reliably creating a microstructure noise level fingerprint and validating its existence at a later time in order to authenticate an original.
A device is also known for verifying a user's identity before granting access to a computer system or network. The device includes a "token" issued to an authorized user of the network, and a corresponding "access control module" that resides with a network host, operating system, or other communications device. Both the token and the access control module generate unique, one-time "unpredictable" access codes every sixty seconds. To gain access to the network, a user must enter the current code displayed on the token. If the entered code matches the code generated at that same moment by the corresponding access control module, network access is granted. In this manner, the identity of the user can be remotely verified by verifying that the user possesses the token at the time access is requested. The significant drawbacks to this system are that the network must acquire, i.e., purchase, an access control module and a token for every authorized user, and the authorized users must then carry the tokens in addition to the numerous other magnetic data and identification cards carried by the average individual. Additionally, because each token and its corresponding access control module generate the same exact code every sixty seconds, this implies that a predetermined algorithm is used, and further implies that "cracking" the algorithm is not beyond the realm of possibility. Furthermore, because the token carried by the authorized user utilizes electronics and a screen for generating and displaying the access codes, reliable operation of the token depends upon battery power.
In order to solve these and other problems in the prior art, the inventors hereof have developed a method and apparatus for utilizing the unique, deterministic, remanent noise characteristic of a magnetic medium, due to its magnetic microstructure, to fingerprint not only documents, but other objects and more importantly, the magnetic medium itself so that it can be identified and authenticated. This inventive technique relies upon the discovery that the microscopic structure of the magnetic medium itself is a permanent random arrangement of microfeatures and therefore deterministic. In other words, once fabricated, the recording medium's physical microstructure remains fixed for all conventional recording processes. In particulate media, the position and orientation of each particle does not change within the binder for any application of magnetic field; in thin film media, the microcrystalline orientations and grain boundaries of the film remain stationary during the record and reproduce processes. It is the magnetization within each of these fixed microfeatures that can be rotated or modified to form the basis of the magnetic recording process. If a region of a magnetic medium is saturated in one direction by a large applied field, the remanent magnetization depends strongly on the microstructure of the medium. This remanent state is deterministic for any point on the magnetic medium. Each particle or grain in the medium is hundreds to thousands of Angstroms in dimension. Due to their small size, a small region of the magnetic surface will contain a very large number of these physical entities. While the fabrication process normally includes efforts to align these particles, there is always some dispersion of individual orientations and positions. The actual deviations will be unique to any region of the medium's surface making this orientation a signature or a "fingerprint" of that medium. To reproduce this distribution, intentionally or not, is practically impossible since this would entail a precise manipulation of the orientation of numerous particles at the submicron level. Thus, the orientation of a large set of particles on a specific portion of a magnetic surface can uniquely identify that medium. In experiments, the inventors have found that the remanent noise from a length of between about 30 micrometers and 4300 micrometers presently provides enough data to "fingerprint" a magnetic medium. This may be contrasted with the 66,040 micrometers (2.6 inches) of length required in the method of the '614 patent discussed above to fingerprint a magnetic medium using macro noise.
In essence, the present invention is elegantly simple and adapted for implementation by conventional magnetic transducers as are commonly found and used in virtually every read or read/write device presently utilized by the public at large. Such examples include credit card readers, magneto-optic disc players, cassette players, VCRs and personal computers. Furthermore, an inexpensive card reader may be coupled with virtually any device or process, and the card reader used as a "gatekeeper" to permit input or access only by those who can present a valid passcard for authentication. The card reader can also be used to facilitate approval of on-line credit card transactions. Because of the relatively small amount of "magnetic medium" which is required to achieve an accurate fingerprinting, the application of the present invention extends well beyond magnetic recording surfaces as discussed above. For example, the magnetic numbers applied to bank checks have sufficient length to provide for accurate "fingerprinting" of each individual check.
In its simplest implementation, a conventional recording head need merely dc saturate a specified portion of a magnetic medium, and then "read" or "play back" the remanent noise which remains. For convenience, the fingerprint may be obtained from a region between two recorded magnetic transitions already in place on the medium. This remanent noise, which is an analog signal, may then be digitized and recorded, on the medium itself or elsewhere, in machine readable format and perhaps using a trap door function depending upon the particular application. Thus, the magnetic medium itself can be "labeled" with its fingerprint. Verification or authentication of that magnetic medium is simply achieved by reversing this process except that in the more security sensitive applications the digitally recorded fingerprint must be decrypted using a publicly known key. Should the measured remanent noise match the remanent noise as recorded, the magnetic medium is authenticated.
There are many variations in utilization of the inventors' method and apparatus which expand its universe of applications. For example, some applications need not require the use of a trap door function such as, for example, when the encoded objects are not publicly distributed and instead are being identified solely for the user's purposes. One such example would be for use with inventory items. Other examples include those applications of magnetic media which are not adapted for the recording of data or information thereon. For example, a bank check includes magnetic numbers along its lower edge which are used to process the bank check at various stages in the check clearing system of the financial world. At any one or more selected points in that system, a fingerprint may be used to verify that the check is valid and is not a forgery. In this application, the bank check may be fingerprinted by the issuing institution as bank checks are given to account holders for their use. This would eliminate the widespread counterfeiting of bank checks using either accurate or inaccurate account holder information imprinted on the check. In this way, commercial banking institutions can ensure that only their imprinted and authorized checks are used by their account holders and are honored through the check clearing system. This application of the inventors' fingerprinting process would eliminate significant amounts of fraud in the commercial banking system.
Utilizing the present fingerprinting invention with other financial instruments would eliminate many other kinds of fraud, forgery and the like with minimal interruption or modification to presently used documentation paradigms through imprinting of account numbers, certificate numbers, and other identifying indicia or data with magnetic ink and the reading thereof as these financial instruments are processed. Stock certificates, bond certificates, bearer bonds, bond coupons, treasury bills, and other financial instruments could be fingerprinted to eliminate their forgery. Reading and verification of the fingerprint is easily achieved at the same time that the magnetic certificate number, account number, ID number, or other numbers on the instrument are read as the instrument is processed through various points in the financial markets. By utilizing the particular numbering already implemented, and readers already implemented, this increased level of protection for authenticity can be achieved with minimal change in the processing machinery. As such, the inventors' apparatus and method are uniquely suited to adaptation in this particular application.
Still another application involves the "copy protection" of mass distributed application software. Over the years, many schemes have been tried and almost uniformly abandoned for copy protecting publicly distributed diskettes of prerecorded software. This has happened for many reasons including the problem that almost all of the copy protection schemes previously implemented interfere with the running of the software on the user's computer. With the present invention, a copy protection scheme may be implemented which does not interfere with the running of the software and instead merely provides a precondition to running of what is otherwise normally written code. In its implementation, a software program may first instruct the computer on which it is run to read a fingerprint of a specified portion of the purchased diskette or tape and compare it with a prerecorded version of the same fingerprint. If the fingerprints match, then the software may permit the computer to further read and implement the application software. However, if the fingerprint detected by the computer does not match that which is stored in the software, then the software itself may inhibit further reading of the program and prevent its implementation. This would absolutely prevent a user from making a copy of a program for use by someone else. This scheme may also be slightly modified to permit a user to make a single archive or backup copy such that the fingerprint comparison permits the first non-matching fingerprint copy to be run but then prevents any other non-matching fingerprinted copies to run. As an added level of protection, the software can have previously determined fingerprints for multiple portions of a diskette stored therein, and can be configured to read and validate a fingerprint from a different region of the diskette each time the software is run. This implementation is easily achieved and "copy protects" application software reliably, inexpensively, and requires only minor hardware changes to the massive number of computers already in consumers' hands.
Still another significant application of the present invention involves authenticating credit cards using the single magnetic stripe already implemented on most major credit cards. Again, this may be contrasted with the '614 patent which suggests that a second stripe be added because of the required 2.6 inches of stripe length which must be dedicated to obtain a single macro fingerprint. The same method would be used as explained above to measure the "fingerprint" for a portion of the magnetic stripe and then record a digitized version of the fingerprint on the magnetic stripe. A credit card reader would then require the prerecorded fingerprint to be matched with a measured fingerprint every time the card is used to verify its authenticity. While there are already a large number of credit cards in circulation, these cards are routinely subject to expiration such that there is a continual replacement of these cards in the public's hands. Thus, over time the installed base of credit cards could be readily transformed to those which have been "fingerprinted." Furthermore, an existing card base may be "fingerprinted" as used to more rapidly implement the "fingerprint" system. This could be done at the next use of each card by each cardholder.
As an alternative or enhancement to this application of the present invention, the fingerprints for an entire region or multiple portions of a magnetic stripe can be determined and stored in a central database. Thereafter, when the consumer seeks to use the credit card on-line, for example, the seller can authenticate the credit card, and verify that the consumer possesses the card, by requesting the fingerprint for a selected portion of the magnetic stripe and comparing it to the previously stored data. Using an inexpensive card reader and perhaps appropriate software, the user can read the remanent noise for the selected portion of the magnetic stripe and transmit this information to the on-line seller for validation. Each time the consumer's credit card is used, a different or additional portion of the card can be selected by the seller or the credit card issuer for authentication purposes. In this manner, the validating fingerprint, which is transmitted from the purchaser to the seller, is changed each time the card is authenticated such that on-line interception and electronic eavesdropping are rendered harmless and ineffective for "stealing" a fingerprint and matching account number. If the transmitted fingerprint is intercepted, it will be useless for virtually all subsequent transactions.
This aspect of the present invention was developed from the inventors' recognition that a large and practically infinite number of fingerprints can be obtained from a magnetic medium of finite length or surface area. For example, in the case of a credit card, a different portion of the magnetic stripe (or a different portion of one of the magnetic stripe's multiple tracks) can be selected each time the card is authenticated to generate a unique fingerprint, where the selected portion may or may not overlap, and may or may not have the same length as a previously selected portion. In addition, multiple portions of the magnetic stripe can be selected and the remanent noises read therefrom, where the remanent noises from the multiple portions are then assembled into a single fingerprint for verification purposes. The remanent noises from multiple portions of the magnetic stripe can also be linearly combined, such as by adding, subtracting, or averaging the multiple remanent noises to generate a hybrid fingerprint that does not represent the remanent noise for any single portion of the magnetic medium. This would prevent an electronic eavesdropper, for example, from collecting over time the remanent noise data for a substantial portion of the magnetic medium. In the case of magnetic data cards, a second magnetic stripe can be applied to the card to further increase the number of available noise codes. By employing any one or a combination of these several methodologies, a seemingly limitless number of fingerprints can be derived from an object's magnetic medium so that a different fingerprint can be used each time the object is authenticated.
Although described above for credit cards, this aspect of the present invention is equally applicable to other applications as discussed more fully below, such as for remote authentication of network users before access to a computer network is granted. If there is any risk that a transmitted password could be intercepted and subsequently used by an unauthorized party, the network can employ one-time, non-reusable noise codes by selecting one or more different portions of a user's magnetic passcard each time the user requests access to the network. In still another application, a computer hardware or software manufacturer can ensure that technical support is only provided to the actual purchasers of the manufacturer's products. For example, before a software manufacturer sells a computer program on a floppy diskette at the retail level, remanent noise data for multiple portions or an entire region of the diskette can be collected and stored. Thereafter, if an alleged purchaser of the software seeks technical support, the software manufacturer can precondition its rendering of support upon the alleged purchaser's ability to, using a computer, read the remanent noise from a portion of the diskette selected by the manufacturer, where the computer can display the remanent noise data for the purchaser to read and report to the manufacturer. This selection can be changed each time technical support is requested to prevent support from being rendered to individuals that pirated the software rather than purchased it.
In still another application, the present invention may be coupled with a data base or processor such as in so-called Smart Cards. These credit card-like devices actually contain, in addition to perhaps the standard credit card magnetic stripe, an on-board electronic memory and/or microprocessor. This memory or microprocessor may contain all sorts of information including money substitute data. For example, at present a large number of these smart cards are in use worldwide as pre-paid telephone cards which are pre-loaded with a monetary amount which is charged against by a pay phone. The cards are used until their pre-loaded monetary equivalent has been depleted and then they are discarded. While various security methodologies have been developed to protect against fraud, they are subject to breach. The present invention is uniquely suited as a security scheme for smart cards as it depends solely on the magnetic microstructure of the particular magnetic medium. In use, the magnetic fingerprint could be stored on the magnetic stripe or in the smart card's on-chip memory. When coupled with a trap door function, no fraudulent card could be created without access to the trap door function and every transaction could be quickly preauthorized at a local card reader, without phoning a central clearing authority.
In an extension to all credit card and smart card applications, the fingerprint data may be stored along with each transaction so that a complete record or trail is created which traces a particular card's history. Thus, the present commonly used scheme where a number of fraudulent cards are created with a correct but stolen account number could either be thwarted or effectively prosecuted. Another level of security incorporates random positioning of a recorded fingerprint on, for example, a magnetic data card. This position might be a function of the card's number. For example, the card number modulo "P" might point the read electronics to a particular data bit around or next to which the recorded, machine readable fingerprint will be found.
As alluded to above, another significant category of applications involves utilizing the present invention in its gatekeeper function. For any system, network, process, machine, location, or other function to which access is desired to be restricted to only those who are authorized, the present invention provides a unique and reliable solution. In its simplest implementation, a passcard may be created with a magnetic stripe which is fingerprinted in accordance with the present invention. Although examples will be discussed in terms of utilizing a passcard, it should be understood that any magnetic medium can be similarly used in accordance with the teachings herein. As such, all other such examples and implementations are intended to be included within the present invention and shall be understood to be included within the term "passcard." This passcard may then become a personal ID card which may be used not only to control access, but to also identify the particular person accessing the service, function, etc. by storing the particular magnetic fingerprint of the card being used. Numerous examples may be readily considered. For example, access to a computer network through a remote terminal may be controlled utilizing a passcard of the present invention. This could be implemented through the use of a diskette that may be readily inserted in any floppy disk drive that could authenticate any one or more of the fingerprints on the diskette. Alternatively, an inexpensive card reader, adapted to read a passcard, could be utilized as well. In either case, different portions of the magnetic stripe could be used each time access is sought, in the same manner as that described above for magnetic data cards, to overcome the security risks of on-line interception and electronic eavesdropping.
Many other applications could utilize the passcard of the preferred embodiment as well. For example, a bank teller may be assigned a passcard which could then be used to track all of the transactions entered by the teller and thereby more reliably guard against teller fraud. The myriad of identification cards utilized by businesses, health plans, universities, hospitals, and other organizations or facilities could readily adopt and use a passcard to more securely identify and preauthorize the users of its services, facilities, etc. Not only would existing uses be readily amenable to replacement with the passcard of the present invention, but other new services and systems could be implemented because of the high degree of security provided by the present invention. This may well lead to the creation of national data bases, national ID cards, and other more universal implementations of credit cards or passcards. This is especially true if a system utilizes not only the magnetic fingerprint of a particular passcard, but also utilizes one or more additional security checks such as a picture ID, a personal identification number (PIN) or password that is perhaps encrypted, a human fingerprint, a hologram (presently imprinted on credit cards), or other such methodology which would thereby render the passcard system virtually impregnable. With such security, individuals may be more willing to turn over such detailed personal, financial, and health information as would make these systems feasible.
While the principal advantages and features of the present invention have been described above, and several examples given, a greater understanding of the invention may be attained by referring to the drawings and the detailed description of the preferred embodiments which follow.